Re: Tagged traffic with same tag on different subinterfaces and one IP

Gosha15 · ‎03-06-2025

Hi all,

I have a question about one scenario.

Router has two interfaces Ten 0/0/0 and Ten 0/0/1 and various of subinterfaces. One subinterface has following configuration:

Ten0/0/0.20
encapsulation dot1Q 20
vrf forwarding blackeyepeace
ip add 1.1.1.2 255.255.255.248

I would like to find out what technology to use to expand this network to Ten0/0/1.20 on the same router.

If I would have possibility then my network would be like this:

int Ten0/0/0; switchport mode access; switchport access vlan 20

int Ten0/0/1; switchport mode access; switchport access vlan 20

interface Vlan 20; ip address 1.1.1.2 255.255.255.248

M02@rt37 · ‎03-06-2025

Hello @Gosha15

See Bridge Virtual Interface (BVI).

The BVI acts like a L3 SVI in a switch, and both TenGig interfaces will belong to the same bridge group.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Gosha15 · ‎03-06-2025

Thank you for advice. I will dive deep in this technology to understand if it is suitable for my case.

Joseph W. Doherty · ‎03-06-2025

For what purpose? Such as you're trying to double bandwidth between the router and the same switch (as shown in OP diagram)?

If so, a BVI (IOS) (or BDI IOSXE), as suggested by M02@rt37 , may create a L2 loop, that would need to be blocked by something like STP. You would gain interface redundancy, but no additional effective bandwidth. For such a topology, possibly Etherchannel would be better.

If you wanted to span V20, using the router, a BVI/BDI would make more sense, but even then, as switches often have more bit forwarding capacity compared to even more costly routers, generally, you should avoid using the router except for a L3 hop, that cannot be done on a L3 switch.

Gosha15 · ‎03-06-2025

This specific subinterface is wan from provider. On interface there is a lot of others subunit. I want to get this subnet to monitoring system to monitor all ip on cpe and pe sides. It would be nice if someone could give me advice how to get this done without using tracks and ip sla, or redesign network and putting cable in configured L2 port.

Giuseppe Larosa · ‎03-06-2025

Hello @Gosha15 ,

>> This specific subinterface is wan from provider. On interface there is a lot of others subunit. I want to get this subnet to monitoring system to monitor all ip on cpe and pe sides.

what about a DMZ switch ? you insert it between your CPE and the PE and you can monitor port usage

but what the other subinterfaces are doing on your device ? this is the first question . I think you already have some device L2 in the middle between the PE router and your managed device I recommend you to make a network discovery.

you can use CDP or LLDP MED to discover to what your device is connected to.

Hope to help

Giuseppe

Gosha15 · ‎03-06-2025

Yes, it would be good solution. But chain of possible failover grows. If to make redundancy, than 2 more devices need to be monitored and updated. And subscriptions cost and device for reserve need to add to expenditure plan .

Other subinterfaces not for WAN, but for specific services also from provider side.

Discovery protocols is turned off from provider side.

You have very good ideas and if you have more please share. Thanks

Joseph W. Doherty · ‎03-06-2025

So, you're were hoping to sort of "span" the traffic for VLAN 20, on the router?

If so, if the router works as a bridge should, it should be sending unicast traffic to the other bridge port, unless destination is unknown and it's being flooded.

Do have access to the switch, where "spanning" might be available? Although on a trunk port, I don't recall whether you can limit it to a VLAN.

Gosha15 · ‎03-07-2025

I think, I will just use NAT as solution.

Tagged traffic with same tag on different subinterfaces and one IP add